Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/AimOziYR2OkLSA7kaQfVdtwBPOs.roa
File: AimOziYR2OkLSA7kaQfVdtwBPOs.roa (raw, json)
Hash identifier: AbfAuUSbGbZ6OXbpcQwNGQ3D2exfARdJ6+TpcFfv1LU=
Subject key identifier: 02:29:8E:CE:26:11:D8:E9:0B:48:0E:E4:69:07:D5:76:DC:01:3C:EB
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 01829206497899D74B0F5761FC29A370F7C1
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/AimOziYR2OkLSA7kaQfVdtwBPOs.roa
Signing time: Fri 12 Aug 2022 12:27:41 +0000
ROA not before: Fri 12 Aug 2022 12:27:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29262
IP address blocks: 185.87.24.0/24 maxlen: 24
185.87.27.0/24 maxlen: 24
185.87.26.0/24 maxlen: 24
185.85.191.0/24 maxlen: 24
185.85.190.0/24 maxlen: 24
185.85.189.0/24 maxlen: 24
185.87.123.0/24 maxlen: 24
185.87.122.0/24 maxlen: 24
185.87.121.0/24 maxlen: 24
185.141.32.0/24 maxlen: 24
185.119.83.0/24 maxlen: 24
185.119.82.0/24 maxlen: 24
185.119.81.0/24 maxlen: 24
185.119.80.0/24 maxlen: 24
185.85.237.0/24 maxlen: 24
185.85.239.0/24 maxlen: 24
185.85.238.0/24 maxlen: 24
185.86.5.0/24 maxlen: 24
185.86.13.0/24 maxlen: 24
185.86.154.0/24 maxlen: 24
185.86.153.0/24 maxlen: 24
185.86.166.0/24 maxlen: 24
185.86.165.0/24 maxlen: 24
185.86.164.0/24 maxlen: 24
185.86.167.0/24 maxlen: 24
185.98.60.0/24 maxlen: 24
2a0b:6780::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:92:06:49:78:99:d7:4b:0f:57:61:fc:29:a3:70:f7:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Aug 12 12:27:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=02298ece2611d8e90b480ee46907d576dc013ceb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d5:f4:9e:cd:59:74:e9:2b:ce:7a:f5:a1:3a:
e3:12:03:0c:2e:49:78:96:7d:71:01:8d:65:ff:d4:
6c:33:e2:ab:02:61:f5:3a:72:b8:db:76:eb:64:b3:
db:b8:fa:bc:22:a0:b1:e8:f1:e0:e4:65:46:ed:23:
4a:55:6c:54:16:75:b6:f7:9d:87:64:1b:c8:dd:c6:
0f:6d:63:06:d3:fd:ff:86:70:c4:54:83:d3:17:26:
7c:0d:6c:7f:f9:93:4d:e7:10:d9:c1:0d:13:25:dd:
a9:09:89:56:0b:1a:50:6c:4f:3b:87:0d:3e:21:0f:
8e:bd:34:3c:50:a9:bd:b3:19:46:b2:68:f1:5a:38:
3d:76:57:e6:ad:96:57:2f:b6:89:2c:22:ac:29:4c:
3a:ee:39:6b:9d:49:9e:aa:6b:50:01:8d:81:b8:08:
61:e9:6f:30:08:7a:ac:6a:bd:b2:a1:1b:b1:20:bb:
8f:28:1f:43:50:b4:61:9d:b5:97:79:9c:39:4d:66:
4d:c1:aa:34:62:7d:8d:8d:98:a5:cf:37:4e:92:a0:
e8:c7:73:c7:a9:b3:d9:e0:d8:df:40:03:f7:82:49:
41:11:ec:9f:e2:7a:28:44:68:57:9e:0f:4d:ce:4f:
78:5e:74:b5:11:61:a4:38:64:3a:61:df:13:db:04:
70:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:29:8E:CE:26:11:D8:E9:0B:48:0E:E4:69:07:D5:76:DC:01:3C:EB
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/AimOziYR2OkLSA7kaQfVdtwBPOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.189.0-185.85.191.255
185.85.237.0-185.85.239.255
185.86.5.0/24
185.86.13.0/24
185.86.153.0-185.86.154.255
185.86.164.0/22
185.87.24.0/24
185.87.26.0/23
185.87.121.0-185.87.123.255
185.98.60.0/24
185.119.80.0/22
185.141.32.0/24
IPv6:
2a0b:6780::/29
Signature Algorithm: sha256WithRSAEncryption
59:99:37:65:5d:e4:1d:ab:70:d6:c0:5f:20:00:0a:ab:78:c3:
e6:99:cb:c9:a4:1a:50:3c:9b:8d:1d:85:25:c8:4c:fd:f2:e7:
4c:a6:90:84:63:ac:90:38:7c:6c:22:c7:e8:a0:df:7b:e0:02:
70:e2:2e:d4:1b:12:94:bb:b8:86:d1:e7:31:78:fa:71:04:8a:
5c:31:41:d9:ac:97:90:55:0c:95:23:17:34:a7:97:98:f0:d5:
30:35:a1:7b:ce:71:49:92:27:48:28:8b:69:fc:f6:07:7a:10:
8f:5e:e1:88:ca:c2:3c:ce:38:6e:90:e2:62:60:c5:a2:72:ef:
77:de:9e:7e:06:eb:8f:57:09:1a:2a:39:17:41:bc:4f:c0:f2:
47:74:47:fc:f6:a7:c6:fa:5c:a3:c1:27:7b:38:83:c4:82:18:
dc:4e:5f:f8:c8:9a:af:08:41:b7:6c:8f:d4:3d:c3:db:33:13:
24:47:94:62:5f:6d:cb:35:be:b5:a8:41:94:68:b2:6e:8c:9c:
ad:82:84:7a:25:ff:17:eb:57:84:d7:28:da:41:9a:2f:83:55:
bb:e1:8d:b7:60:15:e5:43:a5:2c:01:4b:a9:03:bb:0a:15:07:
13:56:98:3d:ba:57:8b:2d:bf:f3:2f:ff:ae:3e:a6:0d:70:e8:
41:97:95:b5
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgISAYKSBkl4mddLD1dh/CmjcPfBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjIwODEyMTIyNzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjI5OGVjZTI2MTFkOGU5MGI0ODBlZTQ2OTA3ZDU3NmRjMDEzY2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtX0ns1ZdOkrznr1oTrjEgMMLkl4
ln1xAY1l/9RsM+KrAmH1OnK423brZLPbuPq8IqCx6PHg5GVG7SNKVWxUFnW2952H
ZBvI3cYPbWMG0/3/hnDEVIPTFyZ8DWx/+ZNN5xDZwQ0TJd2pCYlWCxpQbE87hw0+
IQ+OvTQ8UKm9sxlGsmjxWjg9dlfmrZZXL7aJLCKsKUw67jlrnUmeqmtQAY2BuAhh
6W8wCHqsar2yoRuxILuPKB9DULRhnbWXeZw5TWZNwao0Yn2NjZilzzdOkqDox3PH
qbPZ4NjfQAP3gklBEeyf4nooRGhXng9Nzk94XnS1EWGkOGQ6Yd8T2wRwdwIDAQAB
o4ICfDCCAngwHQYDVR0OBBYEFAIpjs4mEdjpC0gO5GkH1XbcATzrMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvQWltT3ppWVIyT2tMU0E3a2FRZlZkdHdCUE9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGRBggrBgEFBQcBBwEB/wSBgTB/MG4EAgABMGgwDAMEALlV
vQMEBrlVgDAMAwQAuVXtAwQEuVXgAwQAuVYFAwQAuVYNMAwDBAC5VpkDBAC5VpoD
BAK5VqQDBAC5VxgDBAG5VxowDAMEALlXeQMEArlXeAMEALliPAMEArl3UAMEALmN
IDANBAIAAjAHAwUDKgtngDANBgkqhkiG9w0BAQsFAAOCAQEAWZk3ZV3kHatw1sBf
IAAKq3jD5pnLyaQaUDybjR2FJchM/fLnTKaQhGOskDh8bCLH6KDfe+ACcOIu1BsS
lLu4htHnMXj6cQSKXDFB2ayXkFUMlSMXNKeXmPDVMDWhe85xSZInSCiLafz2B3oQ
j17hiMrCPM44bpDiYmDFonLvd96efgbrj1cJGio5F0G8T8DyR3RH/Panxvpco8En
eziDxIIY3E5f+MiarwhBt2yP1D3D2zMTJEeUYl9tyzW+tahBlGiyboycrYKEeiX/
F+tXhNco2kGaL4NVu+GNt2AV5UOlLAFLqQO7ChUHE1aYPbpXiy2/8y//rj6mDXDo
QZeVtQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:49 2024 by rpki-client on console-fra.rpki-client.org